A growing number of Mac users are being tricked into downloading harmful software through fake verification messages. These scams look like normal human checks, such as Google’s “I’m not a robot” box, but are actually part of a malware campaign targeting Apple computers.
Researchers recently found that over 2,800 websites have been hacked to spread a malware called Atomic Stealer. This software is designed to steal passwords, browser data, crypto wallets, and personal files from infected Macs.
How the scam works
The attack begins when someone visits one of these infected websites. A fake pop-up appears, asking them to prove they’re human. It looks like a regular verification step we’re used to seeing online. Most people would not think twice before clicking.
But once the user clicks the button, a hidden code is quietly copied to their clipboard. Then, the pop-up gives strange instructions that tell the person to open the Terminal app on their Mac and paste the copied code.
If they follow these steps and press Enter, the malware gets installed on their system. The software then begins stealing information saved in the system’s password manager and browsers, as well as any crypto assets stored on the device.
Why this trick is dangerous
This attack is hard to catch
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.